<?php
$uname=$_GET['username'];
$pwd=$_GET['password'];
echo $uname;

$query_str="SELECT * FROM users WHERE username='{$uname}' and password=password('{$pwd}');";
$str="SELECT * FROM users WHERE username='{$uname}' and password=password('{$pwd}');";

$mysqli = new mysqli("127.0.0.1", "root", "5212", "hahaha_5212");
/* check connection */
if ($mysqli->connect_errno) {
    printf("Connect failed: %s\n", $mysqli->connect_error);
}
else echo "hehehe.<br>";

if ($result1= $mysqli->multi_query($query_str))
        echo "badbadbad <br> ";
$mysqli->close();

$mysqli = new mysqli("127.0.0.1", "root", "5212", "hahaha_5212");
/* check connection */
if ($mysqli->connect_errno) {
    printf("Connect failed: %s\n", $mysqli->connect_error);
    exit();
}
/* Select queries return a resultset */
if ($result = $mysqli->query($query_str)) {
        if ($result->num_rows > 0 ){
                echo "<br> Wellcome login Mr/Mrs:{$uname} webpage-jumping !!!!!<br> ";
                header("Refresh:5;url=welcome.php");
        } else {
                echo "Wrong ID or Password, <br> login failed!!!! <br> " ;
                        }
    /* free result set */
    $result->close();
}
else
{ echo "EXM???";}
$mysqli->close();
?>
